That's just one looming I-war flashpoint. Another is an adjunct to the raging crypto debate: despite broad-based encryption's obvious merit as part of an I-war defense, the NSA and the FBI oppose it out of hand, on the grounds - not entirely unreasonable - that it makes their mission of listening in on potential enemies more problematic. The NSA, in particular, is looking on mournfully as encrypted communications spread around the world, obscuring its view even as the threat of I-war dramatically raises the stakes. In closed-door hearings where "black" budgets are debated, a powerful collision looms. And your local representatives may eventually be asked to ratify some tricky decisions - just as soon as they finish figuring out how to read their email.

If you're looking for someone to talk to about the vulnerability of computer networks, it would have to be Howard Frank, director of Darpa's Information Technology Office. Frank was on the team that 25 years ago invented the Internet - Doctor Frankenstein, if you will, now quietly trying to protect his creation from hostile new forces swarming around it.

Frank, an amiable, courteous man, patiently answers questions and puts things in perspective. The Internet, he says, was never designed to survive a nuclear war. Claims that it was designed to be invulnerable are urban myth, he's happy to tell you.

Frank is a Day After veteran; he even supervised one of the sessions. But at one point in our interview, he lets slip a remark so melodramatic that we can confidently expect it to be written into a Hollywood I-war blockbuster. We're chatting about last summer's big West Coast power outages, when suddenly he exclaims, "Each time I hear about one of these things, I say to myself, 'OK, it's started!' And when I find out it really didn't, I just think we've bought some additional time. But it will start."

So what do we do? "We've created a technology over a period of 20 or 30 years. It's going to take 10, 20 years to create an alternative technology that allows us a more sophisticated set of defenses."

That long? Who knows? It's like the drug war, or urban dwellers' perennial battles against roaches. It's not hard to grasp the problem, but solutions remain evasive, slippery, beyond reach.

Not that no one's looking. Darpa, for instance, is actively soliciting proposals for "research and new technology development related to the survivability of large-scale information systems whose continuous operation is critical to the defense and well-being of the nation." They're talking serious business here. They're talking survivability. And what they have in mind is not just any infrastructure "hardening"; this is cutting-edge stuff, grounded in the latest theories of ecological computing - digital versions of genetic variation and immune response. "There are naturally occurring models of survivable systems provided by biological organisms, populations, and societies," declares Darpa's request for proposals. "This research program uses these examples for metaphors and guidance about how to design survivable information systems."

Well, good luck to them. In the shorter term, more immediately practical ideas are also being pursued. The Defense Science Board estimates that to harden up US information networks will range from $3 billion for a so called Minimal Essential Information Infrastructure - a dedicated emergency system to keep necessary services running - to a pie-in-the sky $250 billion (roughly the Pentagon's annual budget) to globally secure everything to top-of-the-line DOD "Orange Book" standards. But the latter figure is vague, to say the least: from a technical point of view, it is essentially impossible to distinguish between the global telecom net, the US national network, and a single-purpose military one. Worse, nearly all those cables and switches belong not to Uncle Sam, but to highly competitive, deeply cost-averse private companies still glowing with satisfaction after their escape from Washington's regulatory shackles. A White House staffer who's been working on the issue puts it this way: "It's one thing to say to the private sector, 'You have a responsibility to defend yourself against hackers.' Fine, everyone's in favor. But if you suddenly say the threat is a foreign government or a terrorist group, there's no way in hell they're going to want to pay for that. They look at us and say, 'Isn't that your
job?'"